This project proposes a security management system called Moon. NFV uses cloud computing technologies to virtualize the resources and automate the control. The cloud infrastructure is able to provision a set of different cloud resources/services for VNFs (Virtualized Network Functions). Management of isolation and protection of, and interaction between, these VNFs become a big challenge. In order to avoid losing control over the VNFs in the cloud, Moon aims at designing and developing a security management system for OPNFV. We can create security managers to protect different layers of the NFV infrastructure, and choose various security project mechanisms “a la cart” to enforcement related security managers. A security management system integrates mechanisms of different security aspects. This project will firstly propose security manager that specifies users’ security requirements. It will also enforce the security managers through various mechanisms like authorization for access control, firewall for networking, isolation for storage, logging for tractability, etc.
This project works on a security management system to monitor, control and manage VNFs based on the OpenStack infrastructure:
The first draft code of moon is available over: Moon Github
Test suite for continuous integration will be developped.
In the first release we will provide a light-weight security management with only authorization, log as protection mechanisms for all the created VNFs and the whole infrastructure.
Moon OPNFV Rel 2 timeframe: 2S 2015